Internet Hijackings Prove Hard to Stop

Internet Hijackings Prove Hard to Stop

ISPs can take basic steps to prevent their routers from adopting bad paths. Major Internet firms should block bad routes announced by their customers. For example, if a company claims its network is a valid route to portions of the Internet, the company’s Internet provider should catch the error and stop the update. China Telecom failed to do this. In addition, Internet infrastructure companies should filter out obviously invalid announcements, Santorelli says.

A more involved proposal calls for the creation of a system of encryption and authentication that would verify the legitimacy of routing announcements. Known as Secure BGP, the technology would digitally sign BGP updates to prevent forged announcements and include information about the range of IP addresses for which a router is responsible.

These additions would eliminate the threat of network hijackings, but not without a price. Adding encryption to infrastructure technologies requires heftier processors and more memory, requiring ISPs to purchase new routers. Without a mandate from a coalition of governments or industry—which is what happened to reform the security of the Internet’s DNS system—it’s unlikely Secure BGP will be adopted. And unless it’s adopted everywhere, Secure BGP will not offer any benefits, says Renesys’s Zmijewski.

“With Secure BGP, you have a chicken and egg problem,” he says. “No company wants to be the first to adopt it, because of the costs involved.”

A more reasonable solution that offers benefits even before widespread adoption is Pretty Good BGP, a proposal from researchers at the University of New Mexico and Princeton University. That plan essentially suggests that ISPs hold any router updates for 24 hours. Since most bad updates can be fixed well before that time, it could dramatically reduce the impact of any Internet hijacking. “The waiting period would eliminate a lot of mistakes, (and) Pretty Good BGP could be implemented today,” Zmijewski says.

But there would be a downside to this method as well. It could prevent routers from responding to announcements that are designed to route around sudden failures and changes to the Internet.